ARC Informatique - Security policy

Computer systems are more and more exposed to threats and attacks with potentially dramatic consequences. Faced with these dangers, it is essential to ensure the protection of these computer systems in order to guarantee their security. The solutions we supply are concerned by these issues as they are often at the heart of security sensitive environments, in automated process control or in systems designed to ensure people safety and property security.

As such, we design our solutions by following processes and using technologies that contribute to the security of those systems.However, despite our best efforts, our products may contain vulnerabilities susceptible to jeopardize the security of the systems in which they are integrated. With the goal of minimizing the effects of these vulnerabilities, ARC Informatique works openly with its customers, the authorities and the general public.

In practice, and beyond the design phases or our products, we commit ourselves to:1. Making our knowledge available to customers and partners so as to help them setting up secured solutions,2. Actively watching and following-up vulnerability alerts related to our products,3. Coordinating our actions with the CERT network – Computer Emergency Response Teams – and with computer security experts who support these commitments and the CERT recommendations,4. Communicating with transparency about known vulnerabilities in our products by issuing security alerts – Whether the issue has been discovered internally or by a third-party,5. Upon an alert, issuing as fast as possible security bulletins providing immediate risk mitigation information to customers,6. Leveraging knowledgeable feedback to design more secure products.